signal and telegram are a no brainer when it comes to totalitarian regimes. i live in Kashmir which has historically and continues to hunt down dissidents with agility. i cannot imagine being tied to my "mobile number" when the government has that data by law, tying a telegram/signal account to it is a gone case by that point.
people who go with signal call it "better whatsapp without facebook tracking" but just like telegram, its Achilles heel is mobile number requirement. matrix has that from the start so its better in that respect. sure, matrix does not have "social graph" out of the box but in a "totalitarian regime", that is precisely what you want.
besides, you can set up your own matrix server, something whatsapp/telegram/signal simply cannot do so its 100% more secure in that sense
Synapse is still one of the worst installation processes[1] I've gone through. I'm extremely comfortable with Ansible and Docker but their install process sucks if you aren't exposing your Matrix instance to the world and don't have a domain pointing at it. On top of that, there are so many moving pieces to it if you want to bridge it to other services.
I got it all installed but ended up dumping it because I felt the complexity wasn't worth it. There are so many moving pieces imo.
Are there alternatives to Synapse for homeserver software? Or is there a less complex deployment method for a homeserver and bridges that I am not aware of?
Oh cool, I had never heard of YunoHost before this.
After my comment, I decided to give Matrix a try again and setup a fresh Arch Linux VPS for it. I didn't run into any snags but it took quite some time to get everything configured. It probably took me a solid 2 hours just to get everything up and running (Synapse + bridges for iMessage, Signal, Discord and IRC).
Not many applications I self host require as much setup as Synapse!
Thanks for giving it another go. Setting up Synapse itself should be super easy though - it’s just an https listener pointed at by an srv record or .well-known uri. We don’t need weird certificates or reverse proxy contortions these days (since Matrix left beta in 2019); it really should be a few minutes max to do it from git or pip, or a few seconds via apt or similar.
Now, setting up a bunch of bridges is indeed harder, but they are deliberately entirely separate apps, each with their own foibles. But just like you wouldn’t blame Apache httpd for some fiddly 3rd party Apache module, I wouldn’t blame Synapse for the complexities of running bridges.
Good perspective -- you are completely right, my perspective was totally off. Part of that reason is probably my only reason for using Matrix is for the bridging as I don't have friends or family who actually use Matrix, unfortunately, so I pretty much just use it for myself to bridge to other messengers.
But again, I appreciate you putting that into perspective. Synapse by itself really isn't too bad. But for it to be actually useful for myself takes a lot of work.
hey... glad you did that... i have been a matrix user for a few years but i have only heard about "bridges" but never really understood it. does a discord bridge mean i give my login/oath to matrix bridge from my discord and i can access those contacts in matrix without having 2 apps? that is my general assumption.
what about whatsapp for example? do i have to have an existing whatsapp account which constantly remains online and interacts on behalf of my matrix?
Bridges allow you to use other external accounts through your Matrix Homeserver. So with the Discord Puppet Bridge[1] I am using I can log into my Discord account from Matrix and handle all my Discord DMs and group chats using a Matrix client. So yes, bridges allow you to use Matrix for all your other chat applications.
The general workflow is after you install bridges that you configure your bridge to your existing account on the other platform. So for Signal, you open a chat with the Signal Bridge bot and issue a command to link to your account and then it walks through that process. Once the bridge is configured with your external account any new DMs and group chats from those external accounts will show up as DMs in Matrix.
Wait for evangelists to come and say that it's simply out of their threat model for Signal, it's actually just no-Facebook Whatsapp with Mobilecoin, you're a 0.0001% privacy geek whose needs are totally irrelevant to 99% of the actual userbase whose requirements are stories and, surprisingly, usernames which are coming the next day, pinky promise! That's what always is being heard in response to unorthodox requests wrt Signal development, chinese users case shining there especially so. But yeah, some people gotta bring some bread to their tables and other to get memed into "use Signal, use TOR".
I think the bigger question is anti-spam in anonymous chatrooms, even with the mobile phone requirements spammers (in particular from Nigeria, why does this country have so many scammers in particular?) are everywhere and spamming all the time, I'm in 5 or so groups and every day 2-3 spam messages have to be deleted. There are millions of fake channels and I wouldn't be surprised if up to or over 10% of telegrams messages sent are spam/scams.
What does matrix do to prevent the tidal wave of spam hitting it?
I would say it's the same question as "what does IRC do?" as the general design is the same - maybe a bit more friction signing up with Matrix than IRC but at the end of the road they operate on the same trust model. The Matrix team blogged about a spambot attack last year on this very question: https://matrix.org/blog/2021/06/30/security-update-synapse-1...
Side comment: because my mobile number was leaked (breached) by T-Mobile which included my name, I get way, way way more spam via it than anything else. Lots of political spam, 95% or greater from the right/repub end of the spectrum.
Edit, side comment #2: I ported my secondary Google Voice number out to Tello (a low cost MVNO in the US) with a SIM in a spare phone, and all the spam I was getting every day to that number simply stopped instantly. I'm a little amazed to be honest, it's very interesting.
Ah sorry that's a spambot attack, the spam on telegram is 99% Indian/Nigerian origin of people literally just signing up to go into group channels and spam whatsapp channels/msg me for how to make riches/join this trading signals channel you'll make millions.
the more public group that i am in, i leave "mentions and keywords only" notifications on so it does not bother me with every buzz. that way, only groups that i know are "relevant" can notify me, these groups i can browse later when i get the time
i am member of a group, public, 876 users as of right now, another openstreetmap india group and that one has 1350.
only the osm-in has some sort of "spam" where i see occasional crap thrown on but that gets flagged and removed quickly.
i don't know about telegram but my matrix account(s) are pretty public but i have basically never gotten a stray spam. as i said, one group has a "couple of spam messages occasionally" but i can "report" the user and check tickbox
"Ignore user
Check if you want to hide all current and future messages from this user." which should be good.
that is what i wrote. matrix does not by design force users to submit a mobile number while everyone else does because they want to use that for social graph, etc etc.
people who go with signal call it "better whatsapp without facebook tracking" but just like telegram, its Achilles heel is mobile number requirement. matrix has that from the start so its better in that respect. sure, matrix does not have "social graph" out of the box but in a "totalitarian regime", that is precisely what you want.
besides, you can set up your own matrix server, something whatsapp/telegram/signal simply cannot do so its 100% more secure in that sense